CVE-2025-37955

216.73.216.233

· Published 20/05/2025 16:15 · Modified 21/05/2025 20:24

Labels: CVE-2025-37955 2025-05-20 416baaa9-dc9f-4396-8d5f-8c081fb06d67 CVE-2025-37955

Essential information

Published: 20/05/2025 16:15
Modified: 21/05/2025 20:24
Author: —
Creator: —
CISA KEV: No
CWE: —
CVSS vector

Description

In the Linux kernel, the following vulnerability has been resolved: virtio-net: free xsk_buffs on error in virtnet_xsk_pool_enable() The selftests added to our CI by Bui Quang Minh recently reveals that there is a mem leak on the error path of virtnet_xsk_pool_enable(): unreferenced object 0xffff88800a68a000 (size 2048): comm "xdp_helper", pid 318, jiffies 4294692778 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): __kvmalloc_node_noprof+0x402/0x570 virtnet_xsk_pool_enable+0x293/0x6a0 (drivers/net/virtio_net.c:5882) xp_assign_dev+0x369/0x670 (net/xdp/xsk_buff_pool.c:226) xsk_bind+0x6a5/0x1ae0 __sys_bind+0x15e/0x230 __x64_sys_bind+0x72/0xb0 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD: View on NVD

Affected products (CPE)

Product	CPE
linux / linux kernel	`cpe:2.3:a:linux:linux_kernel::::::::`

CVE-2025-37955

Essential information

Description

NVD status

Affected products (CPE)

References